The Xentara Web Service v1.0.1
User Manual
Web Server is a type of Xentara microservice. The Xentara Web Server uses the HTTP/1.1 protocol with a security extension to send and receive requests securely. It also performs user verification to control the user's activity.
The Xentara Web Service plugin requires a self-signed SSL certificate to enable a secure connection (HTTPS) between the Xentara Web Service and client devices. The self-signed SSL certificate is used to encrypt the data and to authenticate the Xentara Web Service server on the client devices.
Xentara Web Service requires an SSL certificate with the key in PEM format.
OpenID Connect is an identity layer on top of the OAuth 2.0 framework. It is an end-user identity protocol that obtains basic profile information using JSON Web Tokens (JWTs) for authentication.
JSON Web Token is an open standard that offers a compact, self-contained way of securely sending JSON-encoded data between parties. JWTs can be signed with a public/private key pair in the form of an X.509 certificate, and signing can be asymmetric or symmetric. The JWT is sent encoded by the sender and is decoded by the recipient device. A decoded JSON Web Token is separated into three main parts:
JWT claims are statements that contain profile information such as a name or an email address. JWT allows custom claims, but there are also some registered claims, listed in the table below:
Claim name | Claim Description |
---|---|
iss | Issuer |
sub | Subject |
aud | Audience |
exp | Expiration time |
nbf | Not before |
iat | Issued at time |
jti | JSON Web Token ID |
More registered standard claims can be found at the Internet Assigned Numbers Authority (IANA).
Xentara Web Server supports two types of verification for the tokens:
The JWKS verification process can automatically detect the public key from the given key sets. For simple public key verification, the signature verification algorithm and the file containing the public key must be specified.
The Xentara Web Service supports the signature verification algorithms in the table below:
HMAC | RSA | ECDSA | PSS | EdDSA |
---|---|---|---|---|
HS256 | RS256 | ES256 | ES256 | ED25519 |
HS384 | RS384 | ES256K | ES384 | ED448 |
HS512 | RS512 | ES384 | ES512 | - |
- | - | ES512 | - | - |
A client device with valid verification credentials can exchange HTTP requests with the Xentara Web Service. Each request sent to the Web Service server is first verified, and only if verification succeeds does the server process the request.
Xentara Web Service uses an API of endpoints to associate the HTTP requests with the datapoints. Endpoints specify locations where the client can read or write a specific "value" by sending HTTP requests. The Web Service assigns endpoints by pairing a string containing the name of the endpoint with a string containing the primary key of the datapoint.
In the body of each HTTP request, the Web Service server expects the "value" in JSON format. It requires one "value" within each request, which can be a boolean, string, integer or float. Some examples can be found below:
{"value":true}
{"value":false}
{"value":"Xentara"}
{"value":1}
{"value":1.23}